Research & Development Roadmap



Outline
- A New Communication Framework
- Giving Bro Control over the Network
- Security Monitoring for Industrial Control Systems
- Parallelism on Concurrent Architectures

COMMUNICATION NG

Communication Today
Primitives:
- Sending events
- &synchronized
Limitations:
- Model doesn't scale; no hierarchies
- Loose semantics: best-effort service
- No integration with persistence
- Implementation lacks robustness
- Two separate protocol implementations

Initial Proposal
- Extend event propagation: routing, subscription groups, push/pull models
- Remove &synchronized (and the proxies...)
- Add a global, persistent data structure: probably just a key/value store, with an explicit API

Initial Proposal (cont'd.)
Implementation:
- "Data nodes" are in charge of tables; other nodes attach to them
- Data nodes receive updates and broadcast them back out
- Limit values to atomic data types
- Use existing libraries
- Implement as a library
Trading "magic" for better semantics and control.
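The data-node scheme sketched above, as an added toy model (not Bro/Zeek code and not the project's implementation): a data node owns a set of tables, workers attach to the tables they need, every update goes to the data node, and the data node broadcasts it back out so all attached workers converge on the same contents. The class names, the `known_hosts` table and the sample addresses are illustrative assumptions; the restriction to atomic value types is the one the slide states.

```python
"""Toy model of the proposed communication layer (constructed example, not
Bro/Zeek code): a data node owns tables; worker nodes attach to the tables
they care about, send updates to the data node, and the data node
broadcasts every update back out so all attached nodes converge.
Names (DataNode, Node, 'known_hosts') are illustrative assumptions."""
from collections import defaultdict

# The proposal limits stored values to atomic data types.
ATOMIC_TYPES = (str, int, float, bool)


class DataNode:
    """Owns tables and the list of nodes attached to each table."""

    def __init__(self):
        self.tables = defaultdict(dict)       # table -> {key: value}
        self.subscribers = defaultdict(list)  # table -> [attached nodes]

    def attach(self, node, table):
        self.subscribers[table].append(node)
        # A late joiner first receives the current snapshot, so it does not
        # miss keys that were written before it attached.
        for key, value in self.tables[table].items():
            node.deliver(table, key, value)

    def update(self, table, key, value):
        if not isinstance(value, ATOMIC_TYPES):
            raise TypeError(f"{table}[{key}]: only atomic values allowed, "
                            f"got {type(value).__name__}")
        self.tables[table][key] = value
        # Broadcast back out to every attached node, including the sender,
        # so each node's local copy is exactly what the data node accepted.
        for node in self.subscribers[table]:
            node.deliver(table, key, value)


class Node:
    """A Bro-like worker: keeps a local mirror of each table it attached to."""

    def __init__(self, name, data_node):
        self.name = name
        self.data_node = data_node
        self.local = defaultdict(dict)

    def attach(self, table):
        self.data_node.attach(self, table)

    def publish(self, table, key, value):
        self.data_node.update(table, key, value)

    def deliver(self, table, key, value):
        self.local[table][key] = value


def demo():
    """Two workers, one attaching late; returns both local mirrors."""
    dn = DataNode()
    w1 = Node("worker-1", dn)
    w2 = Node("worker-2", dn)
    w1.attach("known_hosts")
    w1.publish("known_hosts", "10.0.0.5", "seen")   # constructed sample data
    w2.attach("known_hosts")                        # late joiner gets the snapshot
    w2.publish("known_hosts", "10.0.0.9", "seen")
    return dict(w1.local["known_hosts"]), dict(w2.local["known_hosts"])


if __name__ == "__main__":
    print(demo())
```

Because every write is routed through the owning data node and echoed back, a worker never trusts its own local write until the data node has accepted it; that is what gives the store a single serialization point per table, which `&synchronized` never had.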

GIVING BRO CONTROL OVER THE NETWORK

Objectives
- Bro controls what it sees: adapt the front-end load-balancing
- Bro controls what the network does: block, steer, shape

Targeting 100 Gb/s... (figure; source: ESnet)

Science DMZs (figure; source: ESnet)

Science DMZ (architecture diagram): border router (100GE) -- Science DMZ switch -- 100G load-balancer -- 10GE links -- Bro cluster; control APIs connect the Bro cluster to the switch and the load-balancer.

Transparent Script Interface
Packet Acquisition:
- drop(entity)
- sample(entity)
- notify(entity, cond)
Packet Control:
- drop(entity)
- sample(entity)
- throttle(entity)
- redirect(entity, destination)

Transparent Script Interface (cont'd.)
- "Entity" could be very different things...
- Plugins implement what the hardware supports
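An added model of the two slides above (constructed example, not Bro/Zeek code and not the project's plugin API): the script layer calls the primitives on an entity, and each plugin declares which actions it can perform on which entity types, standing in for what a given piece of hardware supports. The plugin names and their capability tables are assumptions for illustration, not the capabilities of any real switch or load-balancer.

```python
"""Constructed model of the 'transparent script interface': the script
layer asks for actions on entities, and plugins declare which actions
they can carry out on which entity types (what the hardware supports).
Plugin names and capabilities are assumptions for illustration, not the
capabilities of any real switch or load-balancer."""
from dataclasses import dataclass


# 'Entity' can be very different things: an address, a subnet, a flow, ...
@dataclass(frozen=True)
class Address:
    ip: str


@dataclass(frozen=True)
class Subnet:
    cidr: str


@dataclass(frozen=True)
class Flow:
    orig: str
    resp: str
    resp_port: int


class Plugin:
    """Base class: `supports` maps an action to the entity types it handles."""
    name = "base"
    supports = {}

    def __init__(self):
        self.installed = []   # rules pushed to this backend, in order

    def can(self, action, entity):
        return type(entity) in self.supports.get(action, ())

    def apply(self, action, entity, **params):
        self.installed.append((action, entity, params))


class SwitchPlugin(Plugin):
    """Hypothetical flow-switch backend: drops addresses/subnets/flows, redirects flows."""
    name = "switch"
    supports = {"drop": {Address, Subnet, Flow}, "redirect": {Flow}}


class LoadBalancerPlugin(Plugin):
    """Hypothetical front-end load-balancer backend: can also sample and throttle."""
    name = "load-balancer"
    supports = {"drop": {Address, Flow}, "sample": {Address, Subnet}, "throttle": {Address}}


class Controller:
    """Script-facing API; dispatches to the first plugin (in priority order) that can do it."""

    def __init__(self, plugins):
        self.plugins = plugins

    def _request(self, action, entity, **params):
        for plugin in self.plugins:
            if plugin.can(action, entity):
                plugin.apply(action, entity, **params)
                return plugin.name
        raise NotImplementedError(f"no backend can {action} a {type(entity).__name__}")

    # The slide's primitives, independent of which hardware implements them.
    def drop(self, entity):
        return self._request("drop", entity)

    def sample(self, entity):
        return self._request("sample", entity)

    def throttle(self, entity):
        return self._request("throttle", entity)

    def redirect(self, entity, destination):
        return self._request("redirect", entity, destination=destination)


def demo():
    """Returns which backend carried out each request."""
    ctl = Controller([SwitchPlugin(), LoadBalancerPlugin()])
    scanner = Address("192.0.2.10")                    # constructed sample
    flow = Flow("192.0.2.10", "198.51.100.7", 445)     # constructed sample
    return {
        "drop-address": ctl.drop(scanner),
        "throttle-address": ctl.throttle(scanner),
        "redirect-flow": ctl.redirect(flow, destination="198.51.100.250"),
        "sample-subnet": ctl.sample(Subnet("192.0.2.0/24")),
    }


if __name__ == "__main__":
    print(demo())
```

The script never learns which device executed the rule unless it asks; a request that no backend can satisfy fails loudly rather than being silently dropped, which matters when a block is a security response rather than a performance tweak.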

SECURITY MONITORING FOR ICS

Industrial Control Systems
- Critical resources, yet lacking in protection
- Often legacy hardware that is hard to protect
- Not built with security in mind
- Classic IDS is not a good fit: attacks are rare or unknown, and behavioral approaches don't take context into account

Industrial Control Systems (cont'd.)
- Significant potential through incorporating semantics
- Understand protocols Bro-style
- Create visibility
- Develop models of what we should be seeing
- Anomaly detection could actually work here

First steps...
- Protocol support in Bro 2.2: Modbus, DNP3
- Only basic script analysis so far

Research Thrusts (1)
Measurement study: What do we see?
- Actors, workloads, cross-site characterization
- As we do that, extend Bro's logging
Environments:
- Municipal water and gas plants
- Campus power plant
- Building automation at a large research lab
- Looking for more...

Research Thrusts (2)
Semantic models for monitoring:
- Statistical profiling: summary statistics framework
- Power grid state model
- PLC memory maps

PLC Memory Maps
- Categorize registers: constant, attribute, continuous
- Derive predictive models... and validate them
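The register-profiling idea above, carried through as an added example (constructed, not code from Bro/Zeek or the project): a training window of polled register values is used to sort each register into the slide's three categories, a predictive model is derived per category, and the model is validated against later polls. Register addresses, values, the distinct-value cutoff for "attribute" and the 3-sigma band for "continuous" are all assumptions made up for illustration.

```python
"""Constructed example of the 'PLC memory maps' idea: categorize polled
registers as constant, attribute or continuous from a training window,
derive a per-register predictive model, and validate it on later polls.
Register addresses, values and thresholds are made up for illustration;
not code from Bro/Zeek or the project."""
import statistics

# Training window: register address -> values seen over 20 polls (constructed).
TRAIN = {
    40001: [1] * 20,                                                    # e.g. a device/config id
    40002: [0, 0, 1, 1, 1, 0, 2, 2, 1, 0, 0, 1, 1, 2, 0, 0, 1, 1, 0, 0],  # a mode/state enum
    40003: [500, 503, 498, 501, 505, 499, 497, 502, 504, 500,
            501, 499, 503, 498, 500, 502, 501, 499, 500, 502],          # a sensor reading
}


def categorize(values, attribute_max_distinct=8):
    """One value ever: constant. A few discrete values: attribute. Otherwise continuous.
    The cutoff is an assumption; a real profile would also look at value spacing."""
    distinct = len(set(values))
    if distinct == 1:
        return "constant"
    if distinct <= attribute_max_distinct:
        return "attribute"
    return "continuous"


def build_model(values, k=3.0):
    """Predictive model per category: exact value, allowed set, or a k-sigma band."""
    cat = categorize(values)
    if cat == "constant":
        return {"category": cat, "value": values[0]}
    if cat == "attribute":
        return {"category": cat, "allowed": frozenset(values)}
    mean, sd = statistics.fmean(values), statistics.pstdev(values)
    return {"category": cat, "low": mean - k * sd, "high": mean + k * sd}


def conforms(model, value):
    cat = model["category"]
    if cat == "constant":
        return value == model["value"]
    if cat == "attribute":
        return value in model["allowed"]
    return model["low"] <= value <= model["high"]


def validate(models, polls):
    """Return (register, value, category) for every poll the model did not predict."""
    return [(reg, v, models[reg]["category"])
            for reg, values in polls.items() for v in values
            if not conforms(models[reg], v)]


def demo():
    models = {reg: build_model(vals) for reg, vals in TRAIN.items()}
    # Clean hold-out polls should produce no violations; the second set simulates
    # a rewritten config word, an unseen mode value, and an implausible reading.
    clean = {40001: [1, 1, 1], 40002: [0, 1, 2], 40003: [501, 499, 500]}
    suspicious = {40001: [7], 40002: [5], 40003: [900]}
    return {
        "categories": {reg: m["category"] for reg, m in models.items()},
        "clean_violations": validate(models, clean),
        "suspicious_violations": validate(models, suspicious),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The validation step is what makes the approach defensible: a model that flags clean hold-out polls is mis-categorized (for instance a slowly drifting "constant"), and the category should be revised before the alert is trusted.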

PARALLELISM ON CONCURRENT ARCHITECTURES

Concurrency Potential (figure)

Concurrent Analysis (diagram): Network -> Packets -> Event Engine (protocol decoding) -> Events -> Policy Script Interpreter (analysis logic) -> Logs, Notification

Architecture (diagram): Network -> Packet Dispatcher (NIC) -> Event Engine threads (packet analysis) -> Events -> Dispatcher -> Script threads (scripting language, detection logic) -> Notification

Parallel Event Scheduling (diagram): a threaded script interpreter with threads 1..n fed from an event queue; queued events are http_request (Conn A), http_request (Conn B), conn_rejected (Orig X), conn_rejected (Orig X), conn_rejected (Orig Y), http_reply (Conn B), http_request (Conn A), http_reply (Conn A)
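The scheduling shown in the diagram, as an added illustration (constructed, not Bro/Zeek code): each event is routed to a script thread by the state it touches, a connection or an originator, so every handler for one piece of state runs in one thread in arrival order and needs no locking. The event names are taken from the slide; the state keys attached to them and the hash function are assumptions.

```python
"""Constructed illustration of the 'parallel event scheduling' slide (not
Bro/Zeek code): events are routed to script threads by the state they
touch (a connection, an originator), so all handlers for one piece of
state run in one thread, in arrival order, without locks. Event names
follow the slide; the keys and the hash are assumptions."""
from collections import defaultdict
import zlib

# The queue from the slide, as (event, state key) pairs (constructed).
QUEUE = [
    ("http_request", "conn A"),
    ("http_request", "conn B"),
    ("conn_rejected", "orig X"),
    ("conn_rejected", "orig X"),
    ("conn_rejected", "orig Y"),
    ("http_reply", "conn B"),
    ("http_request", "conn A"),
    ("http_reply", "conn A"),
]


def thread_for(key, nthreads):
    """Stable hash of the state key; Python's hash() is salted per process."""
    return zlib.crc32(key.encode()) % nthreads


def schedule(queue, nthreads):
    """Partition the queue into per-thread lanes, preserving arrival order."""
    lanes = defaultdict(list)
    for event, key in queue:
        lanes[thread_for(key, nthreads)].append((event, key))
    return dict(lanes)


def ordering_preserved(lanes, queue):
    """Check the two invariants the scheme relies on: every key lives in exactly
    one lane, and the events for a key appear in that lane in queue order."""
    lane_of = {}
    for lane, events in lanes.items():
        for _, key in events:
            if lane_of.setdefault(key, lane) != lane:
                return False
    for key in {k for _, k in queue}:
        expected = [e for e, k in queue if k == key]
        actual = [e for e, k in lanes[lane_of[key]] if k == key]
        if expected != actual:
            return False
    return True


if __name__ == "__main__":
    for lane, events in sorted(schedule(QUEUE, 4).items()):
        print(f"thread {lane}:", [e for e, _ in events])
```

The partitioning only works while each event depends on a single key. A handler that reads or writes state belonging to another connection, or a global table, breaks the invariant, which is exactly the dependency question raised on the Research Questions slide.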

New Platform: Abstract Machine
- First-class networking types built in
- Containers with state management support
- Platform for building high-level, reusable functionality on
- Domain-specific concurrency model
- Well-defined, contained execution environment
- Timers can drive execution
- Support for incremental processing
- Extensive optimization potential
- Scalability through parallelization
- Static type system and robust error handling
- Compilation to native code
Diagram labels: domain-specific data types; robust/secure execution; concurrent analysis; high-level standard components; state management; real-time performance.
HILTI: A High-Level Intermediary Language for Traffic Inspection

HILTI Toolchain (diagram); HILTI: A High-Level Intermediary Language for Traffic Inspection

Research Questions
- How to identify state dependencies? Static program analysis to drive scheduling
- How to leverage hardware capabilities? E.g., network processors, hardware lookup modules

HILTI enables more: BinPAC++ (demo)

Robin Sommer, International Computer Science Institute & Lawrence Berkeley National Laboratory